Japan Enters the Crypto Wars

The fate of the US's crippling export controls on encryption, as well as Clinton's attempt to revive Clipper, may be decided in Tokyo

Many in the digital community think the battle over US export controls on crypto is being fought – and slowly won – in the halls of Congress. And many more think the Clinton administration's attempts to resurrect the ghost of the Clipper Chip – through various schemes ensuring government access to encrypted information – are dead as well. Well, think again.

Stewart Baker, the former general counsel to the National Security Agency from 1992 to 1994, argues that the decisive battle over crypto will take place in the international, rather than the domestic, arena – and that the player to watch is Japan. His controversial analysis: international consensus may be quietly forming around a trusted third party key escrow system, but Japan still could play the spoiler. Baker is not without his interests in matters crypto. He now advises some technology companies that oppose current export controls and others that expect to participate in a trusted third party system.

This article has been reproduced in a new format and may be missing content or contain faulty links. Contact wiredlabs@wired.com to report an issue.

For advocates of commercial cryptography, it is the best of times and it is the worst of times. Never has the deployment of standardized strong encryption seemed so necessary or so close. People increasingly see that cryptography – both digital signatures and confidentiality – can provide the security needed to move vast streams of commercial, financial, and medical data across open networks.

And yet the closer that day seems to come, the more the governments of the world resist, fearing what terrorists and criminals will do with an impregnable network and communications security.

Increasingly, this tension between the needs of commerce and those of government is symbolized by the difference between the tales unfolding in two cities, Tokyo and Paris.

Tokyo's catch-up

Until recently, Japanese industry had little interest in cryptography. A handful of Japanese academics had made contributions to the field, and NTT researchers had developed FEAL, an alternative to the US Digital Encryption Standard (DES), one that was designed to be much faster to implement. But, on the whole, Japan's technology companies left cryptography to the government.

Even there, attention was fragmented. When the National Police Agency needed an encryption system to secure its mobile radio communications in the 1980s, it had to establish its own cryptographic capability. Other agencies, such as the Japanese Ministry of Foreign Affairs, had developed encryption systems for their own communications, but there was no government center of cryptographic expertise.

Internet fever has changed all that. For a variety of reasons – high PC prices, the awkwardness of using keyboards for kanji, and a disinclination to invest in the automation of management (as opposed to production) – Japan has come late to the computer networking revolution. Now, however, it sometimes seems as if the entire country is talking about nothing but the Internet and its wonders.

Along with this fascination has come a familiar refrain: that Japan is far behind foreign industry leaders and that, without concerted effort, it will not be competitive in the coming decade. Those who follow Japanese industry closely also know the second verse: that major technical initiatives funded by government and industry are needed to master the best foreign technology. These initiatives are followed by products that incorporate uniquely Japanese improvements and that are launched with enthusiasm into global markets. While Japan's government-industry "catch-up" campaigns do not always lead to market dominance (for example, in software and HDTV), they usually pose serious challenges to the established market leaders.

Japan's push in the field of cryptography has every potential to do the same. NTT, to take one example, is threatened with an AT&T-style breakup and wants to use its huge research budget for practical commercial ventures with ties to telephony. NTT also has a long history of research in cryptography. In addition to developing FEAL, it has recently announced digital signature and digital cash systems. Hitachi already makes all of the hardware associated with Mondex, the prominent electronic cash system now getting trials in several nations. And two rival ministries, the Ministry of International Trade and Industry (MITI) and the Ministry of Posts and Telecommunications (MPT), are each spending more than ¥11 billion (US$100 million) this year to support corporate research to develop and test new cryptographic applications, particularly in the field that is said to need them most – electronic commerce and finance.

In short, the concerted attention and billions of government yen that Japan is lavishing on network technology will almost certainly yield a host of Japanese products that incorporate sophisticated cryptography – and soon. In fact, at a recent hearing on legislation to liberalize US export controls, Jim Bidzos of RSA Data Security announced with fanfare that NTT had already built and exported a triple-DES chip that would bust all controls. He even passed two of the chips around from senator to senator.

The prospect of Japanese entry into this market strikes at the heart of US controls on encryption. The future of these controls depends on the policymakers maintaining confidence that controls do not seriously hurt American industry. While many in industry challenge this view, the government has few doubts. A classified study of the world encryption market was prepared last year by an odd-couple combination of officials from the Commerce Department and the National Security Agency. While noting that controls posed a risk to US competitiveness, the public summary notes surprisingly little effect so far on US market share – and casts doubt on the quality of foreign competition.

Those findings were crucial to continued administration support for strict export controls. If the report had found that foreign products were of high quality and gaining sizable markets, it would have been a major blow to supporters of controls. Very few policymakers in the US government want to maintain encryption controls if that means forfeiting the cryptography market to other suppliers.

That is why Japan's effort is so important. It stands a good chance of transforming international competition in cryptography, for two reasons. First, Japanese cryptographic products will be very good and very convenient. Second, while they may be developed first for the Japanese market, Japan is not required by international agreement to restrain exports of cryptography – at least not in the aggressive manner carried out by the United States. During the Cold War, Japan did belong to the multilateral CoCom agreement that controlled high-tech exports to the Communist bloc. Since the end of the Cold War, diplomats have labored to create a "new forum" to replace CoCom. But the closest they have come is a loose international agreement not to sell particularly sensitive technologies (including encryption) to a small number of pariah régimes and their armies.

This new agreement is unlikely to have much effect on Japanese encryption exports. The agreement restricts sales to only a handful of countries that are inconsequential as encryption markets; it would not preclude Japan from selling encryption to other countries. It calls only for notification of such sales – notification that may occur after the fact. So, other nations have no veto over encryption sales by Japanese companies. At best, they have a chance to lobby the Japanese government.

In contrast, the US does control ordinary commercial encryption sales to Europe, Asia, and other big markets. At a minimum, crypto exports still require individual State Department licenses, leaving even exporters whose products abide by the controls at the mercy of changing State Department policies toward countries like China. However, the Clinton administration recently proposed shifting that responsibility to the Commerce Department.

It is hard to see how the current policy can survive for long in the face of unrestricted Japanese competition for commercial markets.

Paris's diplomatic wrangling

Which brings us to Paris – the heart of the crypto counterrevolution. Not only has France long imposed some of the strictest limits in the developed world on domestic sales of encryption, Paris also is home to the Organization for Economic Cooperation and Development (OECD). And it is the OECD that is hosting multilateral talks on how governments should respond to the challenge of commercial encryption.

Like Japan's great technology companies, American and European computer and software makers have shown great interest in cryptographic applications for computer networks. But the United States and the European governments with the greatest cryptographic expertise have been reluctant to let their companies market any encryption their executives choose. France and Russia have even restricted domestic use of sophisticated encryption. But simply restricting encryption will not work. The business case for strong encryption is too compelling.

Instead, Western governments are increasingly attracted to a variant of the key escrow encryption scheme made famous by the Clipper Chip.

In its current incarnation, key escrow is known as trusted third party encryption, so called because backup crypto keys are held by a third party in case either the user or the government needs access to the encrypted data. Unlike Clipper, this offers more advantages to businesses that might need to recover lost data.

Digital signatures systems already generally require some trusted third party to certify the original signatures. However, trusted third party encryption is untried and likely to be more costly than slapping DES into source code. Plus, it's much more controversial for telecommunications than for stored data. If governments want trusted third party encryption to become the standard, they will have to put some muscle behind that effort. And they will have to coordinate closely. Moving a global market will require a global agreement.

That, of course, is why the United States has asked the OECD to midwife an international policy agreement on encryption by early 1997. But agreement in the OECD depends on consensus, and that has thrust Japan's ordinarily self-effacing diplomats squarely into the spotlight.

At first, it seemed that Japan would welcome the opportunity to take an assertive stance against regulation of encryption. The earliest OECD meetings were attended by large delegations from MITI and MPT – the two agencies most interested in cryptography's commercial prospects. The police and prosecutors who are so prominent on the US delegation were not to be found on Japan's. Japanese representatives openly questioned the workability of encryption controls. And they made it clear that Japanese politicians would not cheerfully embrace the idea of controlling encryption to make wiretaps easier for law enforcement. Wiretapping is still viewed with deep suspicion in Japan and is barred in all but a handful of cases by Japan's constitution. If it is hard to sell Americans on wiretapping in the abstract (and it is), the job is even tougher in Japan.

But that was the first few meetings. By June, the most recent session, Japan had largely changed its tune. Suddenly, a representative of the Japanese police was not just a delegate – he was assigned to deliver much of Japan's presentation. And once he had spoken, Japan seemed to go silent for the rest of the session. Instead, a dwindling band of smaller countries – principally Canada – took on the task of stressing the importance of privacy and free markets.

What gives? There are a lot of possible explanations. Perhaps the assertive diplomatic style of the earlier meetings simply attracted too many critics inside the Japanese government. Or perhaps continuing internal discussions moderated Japan's free-market predilections. After all, Japan has more experience with high-visibility criminals using encryption than even FBI Director Louis Freeh does. The perpetrator of the 1995 Tokyo subway gassings was Aum Supreme Truth, a high-tech religious sect that used encryption to try to prevent authorities from reading its computer files. And the use of encryption for money laundering remains a major concern for such powerful institutions as the Bank of Japan and the Ministry of Finance.

Or maybe Japan began to worry that it would be on the losing side of the debate. Other countries that had earlier expressed doubts about trusted third party encryption also seemed more subdued at the recent international gathering. Meanwhile, advocates of the approach, such as the UK and the US, put forward substantial new plans for implementing trusted third party encryption. France even had a brand-new telecommunications bill in its legislature that more or less would mandate the use of trusted third party encryption. All this added to a sense that some kind of international trusted third party system was coming, like it or not.

But equally important, Japan was uncomfortable with the prominent role its plans have played in the US debate over export controls. With the help of the US Senate and The New York Times, Bidzos

of RSA turned the Japanese triple-DES chips into a major media event. Suddenly, as one Japanese diplomat complained privately, the US media were making a big deal out of something that didn't warrant such attention. The producer of the chips was really an NTT subsidiary, the Japanese said, and the chips were old (1.2 micron) technology – more a speculative flier than the first shot in a crypto war.

Play ball

Japan's new stance may signal nothing more than a tactical decision not to take the lead in opposing an agreement in Paris. The Japanese government is still spending billions of yen on electronic commerce technology – and very little if any of that is going into trusted third party systems. The NTT triple-DES chip may have been mostly hype, but more serious products are surely on their way, and nothing prevents them from being marketed more or less everywhere.

On the other hand, the new Japanese position may reflect the beginning of a bigger change inside Japan. Law enforcement, national defense, and foreign affairs officials may have begun to exercise new clout within the Japanese government. Japanese companies may now believe that escrowed encryption will be so heavily favored by European and American governments that it will be a commercial success.

In the end, the attempt within the OECD to reach an international agreement on trusted third party encryption will fail if Japan's new stance is only tactical. If Japan has simply decided to lie low and hope for a weak OECD agreement that lets its companies sell whatever they want in export markets, then the pressure of world-class Japanese cryptography on the market will soon make US export controls an unaffordable luxury. In short, it is unlikely that the US-led efforts in the OECD can succeed if Japan does not agree to bring its technology companies into the "trusted third party" fold.

So, will events in Tokyo or Paris decide the future of encryption controls? The answer is Tokyo. Paris can prevail only with Tokyo's consent.

Here’s The Thing With Ad Blockers

We get it: Ads aren’t what you’re here for. But ads help us keep the lights on. So, add us to your ad blocker’s whitelist or pay $1 per week for an ad-free version of WIRED. Either way, you are supporting our journalism. We’d really appreciate it.